NetBSD Problem Report #30295

From wiz@dmath5.geometrie.tuwien.ac.at  Sat May 21 15:10:23 2005
Return-Path: <wiz@dmath5.geometrie.tuwien.ac.at>
Received: from dmath5.geometrie.tuwien.ac.at (dmath5.geometrie.tuwien.ac.at [128.130.42.105])
	by narn.netbsd.org (Postfix) with ESMTP id 5BAE163B104
	for <gnats-bugs@gnats.NetBSD.org>; Sat, 21 May 2005 15:10:23 +0000 (UTC)
Message-Id: <20050521151020.24CD8294AE@dmath5.geometrie.tuwien.ac.at>
Date: Sat, 21 May 2005 17:10:20 +0200 (CEST)
From: Thomas Klausner <wiz@NetBSD.org>
Reply-To: Thomas Klausner <wiz@NetBSD.org>
To: gnats-bugs@netbsd.org
Subject: getty accepts too few letters after username prompt
X-Send-Pr-Version: 3.95

>Number:         30295
>Category:       bin
>Synopsis:       getty accepts too few letters after username prompt
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat May 21 15:11:00 +0000 2005
>Last-Modified:  Mon May 30 21:04:01 +0000 2005
>Originator:     Thomas Klausner
>Release:        NetBSD 3.99.3/i386
>Organization:

>Environment:


>Description:
When entering a username at the console, getty only accepts the first 16 letters
and then automatically switches to the password prompt (no return needed).

It should not do this for at least these reasons:
. usernames are allowed to be longer than 16 characters
. there was no return
. login doesn't do it this way

See also
	http://mail-index.netbsd.org/current-users/2005/05/21/0002.html
>How-To-Repeat:
Boot. Enter 16 characters at the login prompt.
>Fix:
Sorry, not provided.

>Release-Note:

>Audit-Trail:
From: christos@zoulas.com (Christos Zoulas)
To: gnats-bugs@netbsd.org, gnats-admin@netbsd.org,
	netbsd-bugs@netbsd.org
Cc: 
Subject: Re: bin/30295: getty accepts too few letters after username prompt
Date: Sat, 21 May 2005 13:28:29 -0400

 On May 21,  3:11pm, wiz@NetBSD.org (Thomas Klausner) wrote:
 -- Subject: bin/30295: getty accepts too few letters after username prompt

 | >Number:         30295
 | >Category:       bin
 | >Synopsis:       getty accepts too few letters after username prompt
 | >Confidential:   no
 | >Severity:       serious
 | >Priority:       medium
 | >Responsible:    bin-bug-people
 | >State:          open
 | >Class:          sw-bug
 | >Submitter-Id:   net
 | >Arrival-Date:   Sat May 21 15:11:00 +0000 2005
 | >Originator:     Thomas Klausner
 | >Release:        NetBSD 3.99.3/i386
 | >Organization:
 | 
 | >Environment:
 | 	
 | 	
 | >Description:
 | When entering a username at the console, getty only accepts the first 16 letters
 | and then automatically switches to the password prompt (no return needed).
 | 
 | It should not do this for at least these reasons:
 | . usernames are allowed to be longer than 16 characters
 | . there was no return
 | . login doesn't do it this way

 I will argue otherwise:

 . usernames can only go up to LOGIN_MAX, which is 16.
 . this has been the traditional behavior and it is done on purpose.
   It can be changed to silently ignore input, but nobody has complained
   until now. 
 . most other unixes do it this way.

 christos

From: Martin Husemann <martin@duskware.de>
To: gnats-bugs@netbsd.org
Cc: gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: bin/30295: getty accepts too few letters after username prompt
Date: Sat, 21 May 2005 23:21:06 +0200

 At least it should be consistent between getty and login - so maybe login
 should be changed to stop earlier too?

 Martin

From: Hubert Feyrer <hubert@feyrer.de>
To: gnats-bugs@netbsd.org
Cc: wiz@netbsd.org
Subject: Re: bin/30295
Date: Fri, 27 May 2005 01:56:42 +0200 (CEST)

 Christos wrote:
 >  . most other unixes do it this way.

 At least on Solaris 9/x86 with "telnet localhost", you can enter ~256 
 chars, and then the system beeps on any extra char you type.
 Sounds much more sane to me than jumping to ask for a password.

 The patch below does what Solaris does - any further keystrokes beyond 
 LOGIN_NAME_MAX replace the last char, and beep.

 Poking in the CVS logs, the code was touched in 1999 in rev. 1.28 for soe 
 cosmetics, but the real test goes back to rev. 1.1 in 1993.


   - Hubert

 Index: main.c
 ===================================================================
 RCS file: /cvsroot/src/libexec/getty/main.c,v
 retrieving revision 1.47
 diff -u -r1.47 main.c
 --- main.c	17 Mar 2005 01:25:40 -0000	1.47
 +++ main.c	26 May 2005 23:48:43 -0000
 @@ -503,12 +503,15 @@

   		if (c == EOT)
   			exit(1);
 -		if (c == '\r' || c == '\n' ||
 -		    np >= &name[LOGIN_NAME_MAX - 1]) {
 +		if (c == '\r' || c == '\n') {
   			*np = '\0';
   			putf("\r\n");
   			break;
   		}
 +		if (np >= &name[LOGIN_NAME_MAX - 1]) {
 +			putf("\a\b \b");
 +			np--;
 +		}
   		if (islower(c))
   			lower = 1;
   		else if (isupper(c))

 -- 
 Genervt von Viren und von Viren versandten Spam-Mails?  -> www.NetBSD.de
 Fed up from viruses & virus-originated spam mail?       -> www.NetBSD.org

From: Hubert Feyrer <hubert@feyrer.de>
To: gnats-bugs@netbsd.org
Cc: wiz@netbsd.org, christos@netbsd.org
Subject: Re: bin/30295
Date: Mon, 30 May 2005 10:50:53 +0200 (CEST)

   This message is in MIME format.  The first part should be readable text,
   while the remaining parts are likely unreadable without MIME-aware tools.

 ---559023410-471396894-1117443053=:2054
 Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: QUOTED-PRINTABLE


 Thorsten Glaser (from MirBSD/MirOS) pointed me at these URLs:

 http://article.gmane.org/gmane.os.miros.cvs/6230
 http://article.gmane.org/gmane.os.miros.cvs/6231


 Aparently he did a bit of tweaking to my patch, here's his diff (for both=
 =20
 changes):

 Index: src/libexec/getty/main.c
 (RCSID Kram gek=FCrzt)
 diff -u src/libexec/getty/main.c:1.1.1.1 src/libexec/getty/main.c:1.3
 --- src/libexec/getty/main.c:1.1.1.1=09Sat Feb  5 17:26:19 2005
 +++ src/libexec/getty/main.c=09Mon May 30 07:29:32 2005
 @@ -405,15 +404,10 @@

   =09=09if (c =3D=3D EOT)
   =09=09=09exit(1);
 -=09=09if (c =3D=3D '\r' || c =3D=3D '\n' || np >=3D name + sizeof name -1)=
  {
 +=09=09if (c =3D=3D '\r' || c =3D=3D '\n') {
   =09=09=09putf("\r\n");
   =09=09=09break;
 -=09=09}
 -=09=09if (islower(c))
 -=09=09=09lower =3D 1;
 -=09=09else if (isupper(c))
 -=09=09=09upper =3D 1;
 -=09=09else if (c =3D=3D ERASE || c =3D=3D '#' || c =3D=3D '\b') {
 +=09=09} else if (c =3D=3D ERASE || c =3D=3D '#' || c =3D=3D '\b') {
   =09=09=09if (np > name) {
   =09=09=09=09np--;
   =09=09=09=09if (cfgetospeed(&tmode) >=3D 1200)
 @@ -433,7 +427,17 @@
   =09=09=09prompt();
   =09=09=09np =3D name;
   =09=09=09continue;
 -=09=09} else if (isdigit(c))
 +=09=09}
 +=09=09if (np >=3D name + sizeof name - 1) {
 +=09=09=09putf("\a\b \b");
 +=09=09=09np--;
 +=09=09=09continue;
 +=09=09}
 +=09=09if (islower(c))
 +=09=09=09lower =3D 1;
 +=09=09else if (isupper(c))
 +=09=09=09upper =3D 1;
 +=09=09else if (isdigit(c))
   =09=09=09digit++;
   =09=09if (IG && (c <=3D ' ' || c > 0176))
   =09=09=09continue;


   - Hubert

 --=20
 Genervt von Viren und von Viren versandten Spam-Mails?  -> www.NetBSD.de
 Fed up from viruses & virus-originated spam mail?       -> www.NetBSD.org
 ---559023410-471396894-1117443053=:2054--

From: Hubert Feyrer <hubert@feyrer.de>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: bin/30295 - MirBSD patch, resent
Date: Mon, 30 May 2005 12:18:39 +0200 (CEST)

   This message is in MIME format.  The first part should be readable text,
   while the remaining parts are likely unreadable without MIME-aware tools.

 ---559023410-65871735-1117448319=:2054
 Content-Type: TEXT/PLAIN; charset=ISO-8859-1; format=flowed
 Content-Transfer-Encoding: QUOTED-PRINTABLE


 [Martin asked me to send the patch again, without MIME foo - Let's
   hope pine gets it right this time ;-]




 Thorsten Glaser (from MirBSD/MirOS) pointed me at these URLs:

 http://article.gmane.org/gmane.os.miros.cvs/6230
 http://article.gmane.org/gmane.os.miros.cvs/6231


 Aparently he did a bit of tweaking to my patch, here's his diff (for both=
 =20
 changes):

 Index: src/libexec/getty/main.c
 (RCSID Kram gek=FCrzt)
 diff -u src/libexec/getty/main.c:1.1.1.1 src/libexec/getty/main.c:1.3
 --- src/libexec/getty/main.c:1.1.1.1=09Sat Feb  5 17:26:19 2005
 +++ src/libexec/getty/main.c=09Mon May 30 07:29:32 2005
 @@ -405,15 +404,10 @@

    =09=09if (c =3D=3D EOT)
    =09=09=09exit(1);
 -=09=09if (c =3D=3D '\r' || c =3D=3D '\n' || np >=3D name + sizeof name -1)=
  {
 +=09=09if (c =3D=3D '\r' || c =3D=3D '\n') {
    =09=09=09putf("\r\n");
    =09=09=09break;
 -=09=09}
 -=09=09if (islower(c))
 -=09=09=09lower =3D 1;
 -=09=09else if (isupper(c))
 -=09=09=09upper =3D 1;
 -=09=09else if (c =3D=3D ERASE || c =3D=3D '#' || c =3D=3D '\b') {
 +=09=09} else if (c =3D=3D ERASE || c =3D=3D '#' || c =3D=3D '\b') {
    =09=09=09if (np > name) {
    =09=09=09=09np--;
    =09=09=09=09if (cfgetospeed(&tmode) >=3D 1200)
 @@ -433,7 +427,17 @@
    =09=09=09prompt();
    =09=09=09np =3D name;
    =09=09=09continue;
 -=09=09} else if (isdigit(c))
 +=09=09}
 +=09=09if (np >=3D name + sizeof name - 1) {
 +=09=09=09putf("\a\b \b");
 +=09=09=09np--;
 +=09=09=09continue;
 +=09=09}
 +=09=09if (islower(c))
 +=09=09=09lower =3D 1;
 +=09=09else if (isupper(c))
 +=09=09=09upper =3D 1;
 +=09=09else if (isdigit(c))
    =09=09=09digit++;
    =09=09if (IG && (c <=3D ' ' || c > 0176))
    =09=09=09continue;


    - Hubert

 --=20
 Genervt von Viren und von Viren versandten Spam-Mails?  -> www.NetBSD.de
 Fed up from viruses & virus-originated spam mail?       -> www.NetBSD.org
 ---559023410-65871735-1117448319=:2054--

From: Hubert Feyrer <hubert@feyrer.de>
To: gnats-bugs@netbsd.org
Cc: 
Subject: Re: bin/30295 - MirBSD patch, resent
Date: Mon, 30 May 2005 12:46:19 +0200 (CEST)

 On Mon, 30 May 2005, Hubert Feyrer wrote:
 > [Martin asked me to send the patch again, without MIME foo - Let's
 > hope pine gets it right this time ;-]

 grmbl, apparently not. I've appended the patch to the PR manually, see the
 Unformatted section.


   - Hubert

 -- 
 Genervt von Viren und von Viren versandten Spam-Mails?  -> www.NetBSD.de
 Fed up from viruses & virus-originated spam mail?       -> www.NetBSD.org

From: Thomas Klausner <wiz@netbsd.org>
To: Hubert Feyrer <hubert@feyrer.de>
Cc: gnats-bugs@netbsd.org
Subject: Re: bin/30295
Date: Mon, 30 May 2005 23:03:27 +0200

 For the record: getty doesn't allow spaces either, while login does.
  Thomas

>Unformatted:

 Here's the patch again, w/o MIME foo [this time for real - hi Martin!]
 - hubertf, Mon May 30 12:44:38 CEST 2005

 Thorsten Glaser (from MirBSD/MirOS) pointed me at these URLs:

 http://article.gmane.org/gmane.os.miros.cvs/6230
 http://article.gmane.org/gmane.os.miros.cvs/6231


 Aparently he did a bit of tweaking to my patch, here's his diff (for both 
 changes):

 Index: src/libexec/getty/main.c
 (RCSID Kram gekürzt)
 diff -u src/libexec/getty/main.c:1.1.1.1 src/libexec/getty/main.c:1.3
 --- src/libexec/getty/main.c:1.1.1.1	Sat Feb  5 17:26:19 2005
 +++ src/libexec/getty/main.c	Mon May 30 07:29:32 2005
 @@ -405,15 +404,10 @@

  		if (c == EOT)
  			exit(1);
 -		if (c == '\r' || c == '\n' || np >= name + sizeof name -1) {
 +		if (c == '\r' || c == '\n') {
  			putf("\r\n");
  			break;
 -		}
 -		if (islower(c))
 -			lower = 1;
 -		else if (isupper(c))
 -			upper = 1;
 -		else if (c == ERASE || c == '#' || c == '\b') {
 +		} else if (c == ERASE || c == '#' || c == '\b') {
  			if (np > name) {
  				np--;
  				if (cfgetospeed(&tmode) >= 1200)
 @@ -433,7 +427,17 @@
  			prompt();
  			np = name;
  			continue;
 -		} else if (isdigit(c))
 +		}
 +		if (np >= name + sizeof name - 1) {
 +			putf("\a\b \b");
 +			np--;
 +			continue;
 +		}
 +		if (islower(c))
 +			lower = 1;
 +		else if (isupper(c))
 +			upper = 1;
 +		else if (isdigit(c))
  			digit++;
  		if (IG && (c <= ' ' || c > 0176))
  			continue;


  - Hubert

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.